CVE-2026-4392
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X
Summary
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible. Upgrading to version 3.13.8 is capable of addressing this issue. Upgrading the affected component is recommended.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | TeamSpeak 3 Server | 3.13.0 | affected |
| n/a | TeamSpeak 3 Server | 3.13.1 | affected |
| n/a | TeamSpeak 3 Server | 3.13.2 | affected |
| n/a | TeamSpeak 3 Server | 3.13.3 | affected |
| n/a | TeamSpeak 3 Server | 3.13.4 | affected |
| n/a | TeamSpeak 3 Server | 3.13.5 | affected |
| n/a | TeamSpeak 3 Server | 3.13.6 | affected |
| n/a | TeamSpeak 3 Server | 3.13.7 | affected |
| n/a | TeamSpeak 3 Server | 3.13.8 | unaffected |
Weaknesses
- CWE-617: Reachable Assertion
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://vuldb.com/vuln/366316
- https://vuldb.com/vuln/366316/cti
- https://modzero.com/en/advisories/mz-26-01-teamspeak/
- https://files.teamspeak-services.com/docs/security/TS-SA-2026-001.html
- https://www.teamspeak.com/en/downloads/#server
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.